Data Protection and Loss Prevention
This policy establishes the responsibilities of Webzi and the customer regarding data protection, backups and information recovery. It is essential that the customer understands that protecting your data is a shared responsibility.
1. Customer Responsibility
The customer is primarily responsible for protecting their information and must:
- Protect access credentials: cPanel, email, FTP, database and client area passwords
- Change passwords periodically: Recommended every 60-90 days
- Use strong passwords: Minimum 12 characters, combining uppercase, lowercase, numbers and symbols
- Do not share credentials: Never send passwords via email or chat
- Keep software updated: WordPress, plugins, themes and applications
- Download backups regularly: Store them in an external location (local computer, cloud, etc.)
Webzi is not responsible for data loss resulting from:
- Weak or compromised passwords
- Unauthorized access due to customer negligence
- Malware or hacking due to outdated software
- Accidental file deletion by the customer
- Errors in customer scripts or code
- Failure to maintain external backups
2. Webzi Backup System
As a courtesy to the service provided, Webzi runs an automatic backup system for shared hosting, business email and reseller accounts:
| Feature | Detail |
|---|---|
| Tool | JetBackup |
| Frequency | Daily |
| Retention | 6 days (incremental backups) |
| Location | Remote (different datacenter from the service) |
| Content | Files, databases, emails, configurations |
Important: Courtesy backups are provided "as is" without guarantee of availability or integrity. They do not constitute a professional backup service and should not be the customer's only backup copy.
3. What Is Backed Up and What Is Not
Included in backups:
- Website files (public_html and subdomains)
- MySQL/MariaDB databases
- Email accounts and their messages
- cPanel configurations (filters, redirects, cron jobs)
- Installed SSL certificates
NOT included in backups:
- Files in temporary folders (/tmp, /cache)
- Individual files larger than 5 GB
- Error and access logs
- Backups generated by the customer (to avoid duplication)
- Content that violates our policies
4. Backup Restoration
4.1 Self-Service Restoration (Free)
Customers can restore their own backups directly from cPanel using JetBackup:
- Log in to cPanel
- Search for "JetBackup" in the tools section
- Select the type of restoration (files, databases, emails, etc.)
- Choose the desired backup date
- Select the elements to restore
- Confirm the restoration
Cost: Free
Availability: 24/7 from cPanel
4.2 Large or Assisted Restorations
For restorations of more than 5 GB or that require assistance from our technical team, the following conditions apply:
- Large restorations may be automatically interrupted by our monitoring system if they affect server performance
- In these cases, our technical team will schedule the restoration during off-peak hours
Assisted restoration costs:
| Concept | Cost (VAT included) |
|---|---|
| Per GB restored | $35 MXN |
| SysAdmin time (per hour) | $850 MXN |
Example: Restoring 10 GB with 2 hours of work = (10 × $35) + (2 × $850) = $350 + $1,700 = $2,050 MXN
5. VPS and Dedicated Servers
VPS and dedicated server services do NOT include automatic backup by default. The customer is fully responsible for implementing and maintaining their own backup strategy.
Webzi offers additional backup services for VPS and dedicated servers as an add-on. Contact our sales team for more information.
6. Reseller Customers
A reseller's customers have access to JetBackup from their individual cPanel, subject to the same policies as Webzi's direct customers. The reseller can:
- Enable or disable JetBackup access for their customers
- Restore their customers' backups from WHM
- Establish their own additional backup policies
7. Widespread Failure and Disaster Recovery
Webzi backups are stored in different datacenters from the server where the customer's service is located. This provides an additional layer of protection against localized production server failures.
However, although highly unlikely, there is a possibility of a catastrophic event affecting both production data and remote backups (simultaneous failure of multiple datacenters, force majeure events, etc.).
In case of production server failure:
- Webzi commits to: Restore the service from remote backups as quickly as possible
- If remote backups also fail: Webzi will reactivate an equivalent new service and the customer must provide their own external backup
Recommendation: Despite having remote backups, it is essential that the customer maintains their own external backups as an additional protection measure.
8. Backup Recommendations
Webzi recommends the following practices to protect your information:
- Download backups weekly (minimum) to your local computer
- Store copies in the cloud (Google Drive, Dropbox, OneDrive, etc.)
- Before important changes (updates, migrations), download a complete backup
- Periodically verify that your backups can be restored correctly
- Apply the 3-2-1 rule: 3 copies of your data, on 2 different storage types, with 1 copy off-site
9. Access Security
To protect your account, Webzi recommends:
- Enable two-factor authentication (2FA) in cPanel and client area
- Use SSH keys instead of passwords for SSH access
- Restrict access by IP when possible
- Regularly review access logs in cPanel
- Do not install software from untrusted sources
- Keep all software updated (WordPress, Joomla, plugins, etc.)
10. Detection of Compromised Accounts
If Webzi detects that an account has been compromised (hacking, malware, spam):
- The account may be temporarily suspended to protect the infrastructure
- The customer will be notified with recommended actions
- The customer must clean the malware and change all passwords
- Webzi can assist with cleanup for an additional charge (SysAdmin rate)
Note: Repeatedly compromised accounts may be cancelled if the customer does not take measures to secure their site.
11. Limitation of Liability
Webzi shall not be liable under any circumstances for:
- Loss of data, revenue, business opportunities or any consequential damages
- Backup corruption
- Inability to restore a specific backup
- Data deleted before the daily backup was executed
- Backup system failures for any reason
- Losses resulting from unauthorized access to the customer's account
Webzi's maximum liability, in any case, shall be limited to the amount paid by the customer in the last 12 months for the affected service.